-----Original Message----- From: Andrew Featherstone [mailto:andrew.featherstone@gmail.com] Sent: Tuesday, March 10, 2020 5:29 PM To: Roberts, William C <william.c.roberts(a)intel.com&gt; Cc: tpm2(a)lists.01.org; Desai, Imran <imran.desai(a)intel.com&gt; Subject: Re: [tpm2] tpm2_certify signature verification I think I've made some progress here. I think the signature is over a digest of the entire attestation structure. Here's an example of certifying a primary key under the endorsement hierarchy. I think this could do with a little polish, but I think it's a useful example. The eventual aim is to use this as part of the SKAE Extension in X.509 certificates. tpm2_createprimary -Q -C e -g sha256 -G rsa -c primary.ctx tpm2_create -Q -g sha256 -G rsa -u certify.pub -r certify.priv -C primary.ctx # Generate a PEM file suitable for use with OpenSSL containing the public key used to certify the primary key. tpm2_readpublic -Q -c certify.ctx -f pem -o certify.pem tpm2_certify -Q -c primary.ctx -C certify.ctx -g sha256 -o attest.out -s sig.out # We're only interested in the raw SHA-256 signature, not the TPMT_SIGNATURE's TPMI_ALG_SIG_SCHEME, so extract the raw signature from the last 256 bytes. tail -c 256 sig.out > sig.out.raw

# Verify the signature across a SHA-256 digest of the TPM2B_ATTEST structure using OpenSSL. $ openssl dgst -verify certify.pem -keyform pem -sha256 -signature sig.out.raw attest.out Verified OK On Tue, 10 Mar 2020 at 16:56, Roberts, William C <william.c.roberts(a)intel.com <mailto:william.c.roberts@intel.com> > wrote: Imran could you weigh in on this? Thanks, Bill > -----Original Message----- > From: andrew.featherstone(a)gmail.com <mailto:andrew.featherstone@gmail.com> > [mailto:andrew.featherstone@gmail.com <mailto:andrew.featherstone@gmail.com> ] > Sent: Saturday, March 7, 2020 7:12 AM > To: tpm2(a)lists.01.org <mailto:tpm2@lists.01.org> > Subject: [tpm2] tpm2_certify signature verification > > Hi there, > > I'm trying to use the output of tpm2_certify to construt the Subject Key > Attestation Evidence Extension (SKAE Extension)[1] for a X.509 Certificate > Request. I've followed the example at https://github.com/tpm2- software/tpm2- > tools/blob/master/man/tpm2_certify.1.md <http://tpm2_certify.1.md> , but I'm struggling to work out how > to use the tpm2-tools to check the signature over the attestation structure. > Looking at https://github.com/tpm2-software/tpm2- > tools/blob/master/man/tpm2_verifysignature.1.md <http://tpm2_verifysignature.1.md> I expected to perform > something like the following (unfortunately I'm not able to retrieve the complete > command history right now): > > tpm2_create -G rsa -u rsa.pub -r rsa.priv -C primary.ctx tpm2_load -C primary.ctx > -u rsa.pub -r rsa.priv -c rsa.ctx tpm2_certify -c rsa.ctx -C certify.ctx -g sha256 -o > attest.out -s sig.out tpm2_verifysignature -c rsa.ctx -g sha256 -m attest.out -s > sig.out > WARNING:esys:../tpm2-tss-2.3.2/src/tss2- > esys/api/Esys_VerifySignature.c:302:Esys_VerifySignature_Finish() Received > TPM Error > ERROR:esys:../tpm2-tss-2.3.2/src/tss2- > esys/api/Esys_VerifySignature.c:103:Esys_VerifySignature() Esys Finish ErrorCode > (0x000002db) > ERROR: Esys_VerifySignature(0x2DB) - tpm:parameter(2):the signature is not > valid > ERROR: Verify signature failed! > ERROR: Unable to run tpm2_verifysignature > > Is anyone able to post a complete example to show how the output of > tpm2_certify is verified, based on the attestation key used? > > [1] https://trustedcomputinggroup.org/wp- > content/uploads/IWG_SKAE_Extension_1-00.pdf > _______________________________________________ > tpm2 mailing list -- tpm2(a)lists.01.org <mailto:tpm2@lists.01.org> > To unsubscribe send an email to tpm2-leave(a)lists.01.org <mailto:tpm2- leave(a)lists.01.org&gt; > %(web_page_url)slistinfo%(cgiext)s/%(_internal_name)s